I'm trying to calculate the locations of local variables inside a running program using libdwarf. I used to be able to do this by executing DW_OP_fbreg which would ultimately map to a register that would the frame base for that function. In the newer dwarf standard the frame base is DW_OP_call_frame_cfa. I can't seem to find any information that tells me how to execute DW_OP_call_frame_cfa and come back with a frame base location. There's a lot of references to a CFA table and who restores what registers but I don't know how to get at that information and how to apply it. Can someone fill in the gaps?

DW_OP_call_frame_cfa means that you have to use the call frame information to compute the CFA; then push this on the expression stack.

See section 6.4 ("Call Frame Information") of the DWARF 4 standard for an explanation of this. Essentially you must now read the .debug_frame section and decode it according to the rules described in 6.4. This amounts to writing another interpreter for another little bytecode language; and possibly reusing the DWARF expression interpreter as well.

This opcode is basically a space optimization in DWARF. Compilers were already emitting the call frame information, and this opcode lets them reuse it to compute variable locations as well.